index : archinstall32 | |
Archlinux32 installer | gitolite user |
summaryrefslogtreecommitdiff |
-rw-r--r-- | archinstall/lib/installer.py | 28 |
diff --git a/archinstall/lib/installer.py b/archinstall/lib/installer.py index 894bcc2a..9060083a 100644 --- a/archinstall/lib/installer.py +++ b/archinstall/lib/installer.py @@ -956,8 +956,34 @@ class Installer: def enable_sudo(self, entity: str, group :bool = False) -> bool: self.log(f'Enabling sudo permissions for {entity}.', level=logging.INFO) - with open(f'{self.target}/etc/sudoers', 'a') as sudoers: + + sudoers_dir = f"{self.target}/etc/sudoers.d" + + # Creates directory if not exists + if not (sudoers_path := pathlib.Path(sudoers_dir)).exists(): + sudoers_path.mkdir(parents=True) + # Guarantees sudoer confs directory recommended perms + os.chmod(sudoers_dir, 0o440) + # Appends a reference to the sudoers file, because if we are here sudoers.d did not exist yet + with open(f'{self.target}/etc/sudoers', 'a') as sudoers: + sudoers.write('@includedir /etc/sudoers.d\n') + + # We count how many files are there already so we know which number to prefix the file with + num_of_rules_already = len(os.listdir(sudoers_dir)) + file_num_str = "{:02d}".format(num_of_rules_already) # We want 00_user1, 01_user2, etc + + # Guarantees that entity str does not contain invalid characters for a linux file name: + # \ / : * ? " < > | + safe_entity_file_name = re.sub(r'(\\|\/|:|\*|\?|"|<|>|\|)', '', entity) + + rule_file_name = f"{sudoers_dir}/{file_num_str}_{safe_entity_file_name}" + + with open(rule_file_name, 'a') as sudoers: sudoers.write(f'{"%" if group else ""}{entity} ALL=(ALL) ALL\n') + + # Guarantees sudoer conf file recommended perms + os.chmod(pathlib.Path(rule_file_name), 0o440) + return True def user_create(self, user :str, password :Optional[str] = None, groups :Optional[str] = None, sudo :bool = False) -> None: |